WhatsApp claims Israeli spyware targeted journalists and civil society members

WhatsApp claims Israeli spyware targeted journalists and civil society members

Meta-owned messaging app WhatsApp said that nearly 100 journalists and civil society members had been targeted by Israeli-made spyware, allegedly operated by Paragon Solutions, an Israeli firm known for creating hacking software.

The platform, which boasts over 2 billion global users, said that the attack was a “zero-click” operation, meaning that the targets were infected without needing to interact with any malicious links.

WhatsApp did not specify the geographical locations of the affected users, nor it disclosed whether any of the targets were based in the United States.

Paragon Solutions, which has a US office in Chantilly, Virginia, has come under scrutiny in recent months. Previous media reports revealed that the company had signed a $2 million contract with the US Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI) division. This contract, however, was reportedly put on hold following concerns over compliance with a Biden administration executive order that restricts federal use of certain spyware technologies.

The spyware in question, known as Graphite, is capable of granting full access to an infected phone, allowing the operator to read encrypted messages from apps such as WhatsApp and Signal. Experts suggest that the attack vector, or the method through which the spyware was delivered, was a malicious PDF sent to individuals who had been added to group chats.

WhatsApp confirmed that the spyware campaign was disrupted in December, but the company has not determined how long the devices had been vulnerable. The company also announced that it had sent a “cease and desist” letter to Paragon and was exploring further legal options.

In response to the breach, WhatsApp has been actively notifying the affected users.

Paragon Solutions, for its part, declined to comment on the allegations. However, a source close to the company told The Guardian that Paragon works exclusively with democratic governments and does not conduct business with nations accused of using spyware against their own citizens, such as Greece, Poland, Hungary, Mexico, and India.


Back to the list

Latest Posts

Cyber Security Week in Review: February 14, 2025

Cyber Security Week in Review: February 14, 2025

In brief: Microsoft patches actively exploited zero-days, Chinese hackers Salt Typhoon exploit Cisco flaws, the US and partners sanction Zservers, and more.
14 February 2025
Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

The 'BadPilot' campaign involves a series of targeted cyberattacks leveraging bugs in widely used IT infrastructure software.
13 February 2025
Four key distributors of encrypted communications service Sky ECC arrested in Spain and Netherlands

Four key distributors of encrypted communications service Sky ECC arrested in Spain and Netherlands

The two men arrested in Spain are accused of overseeing the global distribution of Sky ECC devices and software.
12 February 2025